Assessing possible risk before using social media platforms and apps
and instant messaging services such as Facebook, Twitter, WhatsApp, Skype, and WeChat give you the power to connect with others effortlessly and share information instantly. But using these services can provide threat actors easy access to your information and devices. You can even be placing your online identity and that of your colleagues at risk, or exposing your organization’s brand and image to harm.
Instant messaging apps and social media platforms are not all created equal. In deciding what tools to use, you need to consider both the functionality of the service and how secure and private your information and activity will be.
Six factors to consider in assessing the
RISKS of using a particular service or app
Ensure you’re using a service or app from a trustworthy platform. An app can have a high profile online and be useful, but somewhere there’s a company operating that service, accessing your device and holding your information. You need to decide if you trust the platform to provide an application that does what it claims and nothing more. Ask yourself whether you trust it not to use your information for its own purposes.
Pay close attention to the app or platform’s security functions. Don’t use a platform that doesn’t support strong authentication mechanisms, such as two-factor sign in, and that doesn’t provide fast support if your account is compromised.
Many services use end-to-end encryption to secure conversations, and offer features like disappearing messages and identity confirmation to help promote confidentiality. These are not foolproof - an untrustworthy recipient can still take a screenshot of a conversation and post it online — but they are an indication the provider takes security seriously.
Take a moment to consider the sensitivity of your messages before you send them, regardless of your device’s security or which app or service you’re using. If the information is highly sensitive, you need to be sure you can trust the platform of the service you are using.
If you feel you require an app or service but aren’t sure of how secure it is, consider having a phone or computer dedicated to that app. Don’t use the device for anything else, and never use it for sending sensitive information, even by direct message.
Think about which nation’s laws will apply to your information and your activity on the platform. Most social media platforms and apps will store and process your information outside of Canada. We recommend using providers and apps that store your data in jurisdictions that have privacy protection laws equal to Canada’s.